Re: [PATCH 1/1] arm: get task_stack reference before dump_backtrace

From: Linus Walleij

Date: Sun Mar 08 2026 - 19:39:42 EST


On Thu, Mar 5, 2026 at 8:05 AM Maninder Singh <maninder1.s@xxxxxxxxxxx> wrote:

> With support of THREAD_INFO_IN_TASK, the stack of a task can be
> freed earlier than the task (even if the task's reference is taken),
> and it needs a separate reference with try_get_task_stack()
> before using the stack.
> Otherwise, if someone calls show_stack() for the task, it can oops
> the kernel like below: (Tried with a normal race of show_stack when
> the task still exists, but its stack is freed)
>
> 8<--- cut here ---
> Unable to handle kernel paging request at virtual address f8aebec4 when read
> [f8aebec4] *pgd=83c2c811, *pte=00000000, *ppte=00000000
> Internal error: Oops: 7 [#1] SMP ARM
> ..
> CPU: 0 UID: 0 PID: 70 Comm: cat Not tainted 7.0.0-rc2-next-20260302+ #26 VOLUNTARY
> ..
> PC is at __read_once_word_nocheck+0x0/0x8
> LR is at unwind_frame+0x6b0/0xa90
> ...
> Call trace:
> __read_once_word_nocheck from unwind_frame+0x6b0/0xa90
> unwind_frame from unwind_backtrace+0x178/0x1e0
> unwind_backtrace from show_stack+0x10/0x14
> ...
>
> ARM64 also takes care of it in dump_backtrace(), so the same logic
> is added for ARM also.
>
> Fixes: 18ed1c01a7dd ("ARM: smp: Enable THREAD_INFO_IN_TASK")
> Signed-off-by: Maninder Singh <maninder1.s@xxxxxxxxxxx>

Ard B should review this but it looks right to me:
Acked-by: Linus Walleij <linusw@xxxxxxxxxx>

Yours,
Linus Walleij
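
Added illustration, not part of the thread or of the patch: a userspace C model of the lifetime rule in the quoted commit message, where the stack carries its own reference count and the unwinder has to take that reference before reading. The struct and the model_* functions are hypothetical stand-ins for the idea behind try_get_task_stack(), not kernel code, and the frame values are constructed.

```c
#include <stdatomic.h>
#include <stdio.h>
/* Userspace model (constructed, not kernel code) of a per-stack refcount. */
struct task_model {
    atomic_int usage;      /* reference on the task struct */
    atomic_int stack_refs; /* reference on the stack only */
    unsigned long *stack;  /* NULL once the last stack ref is dropped */
    size_t words;
};

/* Increment-if-not-zero: succeeds only while the stack is still alive. */
static int model_try_get_stack(struct task_model *t)
{
    int old = atomic_load(&t->stack_refs);
    while (old != 0)
        if (atomic_compare_exchange_weak(&t->stack_refs, &old, old + 1))
            return 1;
    return 0;
}

static void model_put_stack(struct task_model *t)
{
    if (atomic_fetch_sub(&t->stack_refs, 1) == 1)
        t->stack = NULL; /* last ref dropped: models freeing the stack */
}

/* Walk the stack only under a stack reference; -1 means "stack gone". */
static int model_dump_backtrace(struct task_model *t)
{
    int frames = 0;
    if (!model_try_get_stack(t))
        return -1;
    for (size_t i = 0; i < t->words && t->stack[i]; i++)
        frames++;
    model_put_stack(t);
    return frames;
}

/* Task exits (drops its stack ref) while a reader still holds the task. */
static void model_race(int *live, int *after_exit)
{
    unsigned long mem[8] = { 0xc0100000UL, 0xc0100004UL, 0xc0100008UL }; /* constructed */
    struct task_model t = { .usage = 2, .stack_refs = 1, .stack = mem, .words = 8 };
    *live = model_dump_backtrace(&t);       /* stack alive: 3 frames walked */
    model_put_stack(&t);                    /* exit path drops the last stack ref */
    *after_exit = model_dump_backtrace(&t); /* refused, stack is never read */
}

int main(void) { int a, b; model_race(&a, &b); printf("%d %d\n", a, b); return 0; }
```

The task reference (usage) is still held in the second call, yet the walk is refused because the stack reference could not be taken.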